Showing results for 
Search instead for 
Did you mean: 

ISE Client provisioning portal Cert error

Steven Williams

When a client connects to the network and or VPN they do to hit ISE for posture scan, but always prompted its an untrusted server. The Issue I am going to have is I will have PCs connecting to this from 2 different forests and contractors that do not have company issued laptops so they will get a prompt also. So are people using third party certs for their provisioning portals and guest wifi portals?

1 Accepted Solution
7 Replies 7

I figured. I mean thats probably the best way anyway.

Maybe I am missing it but when I get a third party cert from like verisign where is the section to create the cert request?

You should be able to generate the CSR by going to Administration > Certificates > Certificate Signing Requests > Generate Certificate Signing Request (CSR) in ISE. 

Back to this for a min. Unless I had a wildcard trusted third party cert I would need an individual cert for every portal I want to protect with ssl correct? So if I have a password portal called and a client provisioning portal called I would need to certs? How do I generate the csr for each one?

Generate Multiuse cert with FQDN and multiple SANs with what you want the portal URIs to be.

Hello Experts,

We have upload CA cert in ISE and same cert in Machine trusted list too. We r using Mschapv2 for authentication and Posture to check AV status.

But when user gets captive portal, Browser shows untrusted cert error even if cert is present in Browser's trust list.

Is there any specific check that we need to perform in ISE while generating CSR or any setting on Laptop?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers